Privacy Policy for Nordlyd Studio

Nordlyd Studio (“we”, “us”, “our”) operates as a record-studio and is the data controller for the personal data described in this Privacy Policy. This Privacy Policy explains how Nordlyd Studio collects, uses, discloses, stores, and protects personal data when you contact us, visit our premises, use our services, or otherwise interact with us.

Company information:
Nordlyd Studio
Torggata 12, 0181 Oslo, Norway
Email: [email protected]
Phone: +47 22 85 74 19

1. Introduction and company information

This Privacy Policy applies to all personal data processed by Nordlyd Studio in connection with our record-studio services, including studio bookings, recording sessions, mixing and mastering services, client communications, invoicing, website inquiries, and related administrative activities.

We are committed to handling personal data in a lawful, fair, transparent, and secure manner, and to respecting the privacy of artists, clients, collaborators, visitors, and other individuals whose data we process.

2. Data collection and processing

We may collect and process the following categories of personal data:

• Identification data: name, stage name, company name, and contact details.
• Contact data: email address, phone number, postal address, and preferred communication method.
• Booking and service data: session dates, project details, service preferences, technical requirements, and communication related to studio bookings.
• Payment and invoicing data: billing information, transaction details, and payment status.
• Technical data: IP address, browser type, device information, and website usage data if you interact with our website.
• Content data: audio files, recordings, lyrics, project files, and other materials submitted for studio services.
• Communication data: emails, messages, call notes, and other correspondence.
• Security data: CCTV or access logs, where applicable and permitted, for security and safety purposes.

We generally collect personal data directly from you. In some cases, we may receive data from third parties such as payment providers, booking platforms, business partners, or representatives acting on your behalf.

3. Purpose of data processing

Nordlyd Studio processes personal data for the following purposes:

• to manage inquiries and communicate with clients and prospective clients;
• to arrange, confirm, and deliver studio bookings and related services;
• to prepare quotations, contracts, invoices, and receipts;
• to process payments and maintain accounting records;
• to store and manage project materials and session-related files;
• to provide customer support and handle complaints or follow-up requests;
• to maintain the security of our premises, systems, and operations;
• to comply with legal obligations, including accounting, tax, and record-keeping requirements;
• to improve our services, website, and internal operations;
• to defend against legal claims and protect our rights and interests.

4. Legal basis for processing

We process personal data only where we have a lawful basis to do so. Depending on the context, our legal bases may include:

• Performance of a contract: where processing is necessary to provide studio services, manage bookings, or fulfill contractual obligations.
• Consent: where you have given clear consent for specific processing activities, such as certain marketing communications or optional uses of materials.
• Legal obligation: where processing is required to comply with applicable laws, including accounting and tax obligations.
• Legitimate interests: where processing is necessary for our legitimate business interests, such as maintaining security, improving services, preventing fraud, and managing business operations, provided that these interests are not overridden by your rights and freedoms.

5. Data sharing and third parties

We may share personal data with third parties only when necessary and appropriate for the purposes described in this Privacy Policy. Such third parties may include:

• payment service providers and banks;
• accountants, auditors, and legal advisors;
• IT, cloud storage, hosting, and software service providers;
• booking, scheduling, and communication platform providers;
• public authorities, where required by law;
• business partners or subcontractors involved in delivering studio services.

We require third parties to handle personal data in accordance with applicable data protection obligations and only for the purposes for which the data was disclosed.

6. Data transfer to third countries

In some cases, personal data may be transferred to or accessed from countries outside Norway or the European Economic Area (EEA), for example where we use international cloud services or other external providers.

Where such transfers occur, Nordlyd Studio will take appropriate safeguards to protect personal data, such as relying on adequacy decisions, standard contractual clauses, or other legally recognized transfer mechanisms, as applicable.

7. Storage duration

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law.

• Client and booking records: retained for the duration of the business relationship and for a reasonable period thereafter.
• Accounting and tax records: retained for the period required by applicable law.
• Communication records: retained as long as needed to manage the inquiry, project, or dispute.
• Project files and audio materials: retained according to the agreed service terms or until deletion is requested, subject to contractual and legal requirements.
• Security records: retained for a limited period unless needed for incident investigation or legal claims.

When personal data is no longer needed, we will delete, anonymize, or securely archive it in accordance with our retention practices.

8. User rights (access, rectification, erasure, restriction, data portability, objection)

Subject to applicable law, you may have the following rights regarding your personal data:

• Access: to request confirmation of whether we process your personal data and to obtain a copy of that data.
• Rectification: to request correction of inaccurate or incomplete personal data.
• Erasure: to request deletion of personal data in certain circumstances.
• Restriction: to request that we limit the processing of your personal data in certain cases.
• Data portability: to receive certain personal data in a structured, commonly used, machine-readable format and, where technically feasible, to have it transmitted to another controller.
• Objection: to object to processing based on legitimate interests and, where applicable, to direct marketing.

To exercise any of these rights, please contact us using the details provided below. We may request information necessary to verify your identity before responding to your request.

9. Withdrawal of consent

Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

If you withdraw consent, we will stop the relevant processing unless we have another lawful basis for continuing it.

10. Right to complain

If you believe that Nordlyd Studio has processed your personal data in a manner that does not comply with applicable privacy laws, you have the right to lodge a complaint with the relevant supervisory authority.

We encourage you to contact us first so that we may try to resolve your concern directly and promptly.

11. Data security

Nordlyd Studio implements appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration, disclosure, or destruction. These measures may include access controls, password protection, secure storage, limited access on a need-to-know basis, and regular review of our security practices.

While we take reasonable steps to protect personal data, no method of transmission or storage is completely secure. We therefore cannot guarantee absolute security.

12. Contact information

If you have questions about this Privacy Policy or wish to exercise your rights, please contact:

Nordlyd Studio
Torggata 12, 0181 Oslo, Norway
Email: [email protected]
Phone: +47 22 85 74 19

13. Changes to privacy policy

Nordlyd Studio may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any updated version will be made available through our usual communication channels or on our website, where applicable.

The date of the latest revision should be reviewed whenever this policy is presented to ensure it reflects the current version in use.